Help with a Site-to-Site VPN Cisco PIX 506e and 2611

I already have a site-to-site VPN working between a PIX 506e and 515 PIX. Now I need to add another site with a Cisco 2611 router. So far I am just trying to get the VPN between the 2611 and 506 working with no luck. I'm fairly sure that my PIX configuration is correct because I have just copied my working config with the information for the router. Any help with my config would be greatly appreciated.

You can't use transport mode (defined under transform-set) and you need to allow IKE and ESP traffic in your inbound ACL. A router is quite different from am ASA in many aspects of firewall and VPN configuration.

0

sycompAuthor Commented: 2008-06-26

Ok, I changed transport mode to tunnel mode. How would I allow ike and esp traffic in my inbound ACL?